From 24f9cb015ea011b43f9c4b865c98b61be731487f Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Tue, 12 Mar 2019 11:41:35 +0100 Subject: Cygwin: fork/exec: Allow all users PROCESS_QUERY_LIMITED_INFORMATION Create process with standard rights, plus PROCESS_QUERY_LIMITED_INFORMATION for authenticated users. This allows to fetch basic process information and thus /proc//stat to succeed on foreign processes. While at it, fix formatting in CreateProcess calls. Signed-off-by: Corinna Vinschen --- winsup/cygwin/fork.cc | 17 ++++++++++++----- winsup/cygwin/spawn.cc | 30 ++++++++++++++++++------------ 2 files changed, 30 insertions(+), 17 deletions(-) diff --git a/winsup/cygwin/fork.cc b/winsup/cygwin/fork.cc index 7ae0404..74ee9ac 100644 --- a/winsup/cygwin/fork.cc +++ b/winsup/cygwin/fork.cc @@ -318,6 +318,13 @@ frok::parent (volatile char * volatile stack_here) ch.silentfail (!*with_forkables); /* fail silently without forkables */ + tmp_pathbuf tp; + PSECURITY_ATTRIBUTES sa = (PSECURITY_ATTRIBUTES) tp.w_get (); + if (!sec_user_nih (sa, cygheap->user.saved_sid (), + well_known_authenticated_users_sid, + PROCESS_QUERY_LIMITED_INFORMATION)) + sa = &sec_none_nih; + while (1) { PCWCHAR forking_progname = NULL; @@ -339,12 +346,12 @@ frok::parent (volatile char * volatile stack_here) sure child stack is allocated in the same memory location as in parent. */ - &sec_none_nih, - &sec_none_nih, - TRUE, /* inherit handles from parent */ + sa, + sa, + TRUE, /* inherit handles */ c_flags, - NULL, /* environment filled in later */ - 0, /* use current drive/directory */ + NULL, /* environ filled in later */ + 0, /* use cwd */ &si, &pi); diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index ebc34d1..4e549f7 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc 
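Review bot: The block added before `while (1)` in fork.cc widens the child's process DACL for every authenticated account, but the code carries no comment saying so or saying what happens when `sec_user_nih` fails. A comment above `tmp_pathbuf tp;` would cover it, e.g. `/* Grant Authenticated Users PROCESS_QUERY_LIMITED_INFORMATION so /proc/<pid>/stat works on foreign processes; on failure use the attributes used before this change. */`. The fallback to `&sec_none_nih` is silent, so a child created without the extra ACE cannot be told apart from one that has it. A `debug_printf` on that branch would make the difference visible when tracing. frok::parent starts and ends outside the hunk.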
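Review bot: `sa` is passed twice in the CreateProcessW argument list of the second fork.cc hunk, so the descriptor built for the process object also becomes the primary thread's descriptor. Access-mask bits are specific to the object type: PROCESS_QUERY_LIMITED_INFORMATION is 0x1000, and on a thread object that bit is not a query right (the SDK headers define 0x1000 there as THREAD_RESUME). Authenticated Users would therefore receive a different right on the thread than the commit message describes. Leaving the thread slot as it was, i.e. the second `sa,` kept as `&sec_none_nih,`, avoids that; the same applies to the `sa, /* thread security attrs */` lines in the CreateProcessW and CreateProcessAsUserW calls in spawn.cc. The call itself starts outside the hunk.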
@@ -566,6 +566,12 @@ child_info_spawn::worker (const char *prog_arg, const char *const *argv, SetHandleInformation (my_wr_proc_pipe, HANDLE_FLAG_INHERIT, 0); parent_winpid = GetCurrentProcessId (); + PSECURITY_ATTRIBUTES sa = (PSECURITY_ATTRIBUTES) tp.w_get (); + if (!sec_user_nih (sa, cygheap->user.sid (), + well_known_authenticated_users_sid, + PROCESS_QUERY_LIMITED_INFORMATION)) + sa = &sec_none_nih; + loop: /* When ruid != euid we create the new process under the current original account and impersonate in child, this way maintaining the different @@ -586,13 +592,13 @@ child_info_spawn::worker (const char *prog_arg, const char *const *argv, && !::cygheap->user.groups.issetgroups () && !::cygheap->user.setuid_to_restricted)) { - rc = CreateProcessW (runpath, /* image name - with full path */ - cmd.wcs (wcmd),/* what was passed to exec */ - &sec_none_nih, /* process security attrs */ - &sec_none_nih, /* thread security attrs */ - TRUE, /* inherit handles from parent */ + rc = CreateProcessW (runpath, /* image name w/ full path */ + cmd.wcs (wcmd), /* what was passed to exec */ + sa, /* process security attrs */ + sa, /* thread security attrs */ + TRUE, /* inherit handles */ c_flags, - envblock, /* environment */ + envblock, /* environment */ NULL, &si, &pi); @@ -640,13 +646,13 @@ child_info_spawn::worker (const char *prog_arg, const char *const *argv, } rc = CreateProcessAsUserW (::cygheap->user.primary_token (), - runpath, /* image name - with full path */ - cmd.wcs (wcmd),/* what was passed to exec */ - &sec_none_nih, /* process security attrs */ - &sec_none_nih, /* thread security attrs */ - TRUE, /* inherit handles from parent */ + runpath, /* image name w/ full path */ + cmd.wcs (wcmd), /* what was passed to exec */ + sa, /* process security attrs */ + sa, /* thread security attrs */ + TRUE, /* inherit handles */ c_flags, - envblock, /* environment */ + envblock, /* environment */ NULL, &si, &pi); -- cgit v1.1
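Review bot: The descriptor in the first spawn.cc hunk is built from `cygheap->user.sid ()`, while the fork.cc counterpart uses `saved_sid ()`, and it is built once before `loop:` and then shared by both creation paths. The comment right after `loop:` says that with ruid != euid the process is created under the original account, so on the CreateProcessW path the SID handed to `sec_user_nih` may not be the account the process actually runs as. Whether that matters depends on how `sec_user_nih` uses its SID argument, which is not visible here. A one-line comment stating why the effective SID is correct for both paths, or choosing the SID per path, would settle it. worker's body continues outside the hunk.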